Forum: Offtopic AES: wie wird die S-Box berechnet?


AES: wie wird die S-Box berechnet?
von Leo B. (luigi)

Lesenswert? 

Hallo zusammen,

für ein Vorlesung in der Uni möchte ich verstehen wie die AES im Detail 
funktioniert. Dazu habe ich einfach mal versucht selbigen in Matlab zu 
schreiben, was auch bisher recht erfolgreich war. Nur leider sitze ich 
heute schon fast den ganzen Nachmittag an der Berechnung der S-Boxen und 
scheitere daran.

Alle Dokumente und Unterlagen die ich bisher durchforstet habe 
beschrieben auf mehr oder weniger komplizierte weise das selbe, was auch 
bei Wikipedia in relativ einfacher Formulierung steht.
http://en.wikipedia.org/wiki/Rijndael_S-box

1
The matrix multiplication can be calculated by the following algorithm:

2
3
1. Store the multiplicative inverse of the input number in two 8-bit

4
   unsigned temporary variables: s and x.

5
2. Rotate the value s one bit to the left; if the value of s had a high

6
   bit (eighth bit from the right) of one, make the low bit of s one;

7
   otherwise the low bit of s is zero.

8
3. Exclusive OR the value of x with the value of s, storing the value in x

9
4. For three more iterations, repeat steps two and three; steps two and

10
   three are done a total of four times.

11
5. The value of x will now have the result of the multiplication.

12
13
After the matrix multiplication is done, exclusive or the value by the

14
decimal number 99 (the hexadecimal number 0x63, the binary number 1100011,

15
and the bit string 11000110 representing the number in LSb first notation).


Interessant ist nur, dass wenn ich das mache, ich auf ganz andere 
Ergebnisse komme.

Das Skript zum Ausprobieren (wie gesagt in Matlab-Code):
1
for i = uint8( 0:255 )

2
    s = i;

3
    x = i;

4
    

5
    for a=1:4

6
        s = bitor( bitshift( s, 1 ), bitshift( s, 1-8 ) );

7
        x = bitxor( x, s );

8
    end

9
    x = bitxor( x, hex2dec('63') );

10
11
    % zum Vergleich die sbox mit LookUp-Table

12
    sb = sbox( i );

13
14
    % ausgabe

15
    if x == sb

16
        s = '    equal';

17
    else

18
        s = 'not equal';

19
    end

20
    

21
    s = [ s sprintf( ': i = %2x(%s) ', i, dec2bin( i, 8 ) )...

22
            sprintf( '; x = %2x(%s) ', x, dec2bin( x, 8 ) )...

23
            sprintf( '; sbox = %2x(%s) ', sb, dec2bin( sb, 8 ) ) ];

24
    display( [s ''] ) ;

25
end


und was dabei raus kommt:
1
    equal: i = 0x00(00000000) ; x = 0x63(01100011) ; sbox = 0x63(01100011) 

2
    equal: i = 0x01(00000001) ; x = 0x7c(01111100) ; sbox = 0x7c(01111100) 

3
not equal: i = 0x02(00000010) ; x = 0x5d(01011101) ; sbox = 0x77(01110111) 

4
not equal: i = 0x03(00000011) ; x = 0x42(01000010) ; sbox = 0x7b(01111011) 

5
not equal: i = 0x04(00000100) ; x = 0x1f(00011111) ; sbox = 0xf2(11110010) 

6
not equal: i = 0x05(00000101) ; x = 0x00(00000000) ; sbox = 0x6b(01101011) 

7
not equal: i = 0x06(00000110) ; x = 0x21(00100001) ; sbox = 0x6f(01101111) 

8
not equal: i = 0x07(00000111) ; x = 0x3e(00111110) ; sbox = 0xc5(11000101) 

9
not equal: i = 0x08(00001000) ; x = 0x9b(10011011) ; sbox = 0x30(00110000) 

10
not equal: i = 0x09(00001001) ; x = 0x84(10000100) ; sbox = 0x01(00000001) 

11
not equal: i = 0x0a(00001010) ; x = 0xa5(10100101) ; sbox = 0x67(01100111) 

12
not equal: i = 0x0b(00001011) ; x = 0xba(10111010) ; sbox = 0x2b(00101011) 

13
not equal: i = 0x0c(00001100) ; x = 0xe7(11100111) ; sbox = 0xfe(11111110) 

14
not equal: i = 0x0d(00001101) ; x = 0xf8(11111000) ; sbox = 0xd7(11010111) 

15
not equal: i = 0x0e(00001110) ; x = 0xd9(11011001) ; sbox = 0xab(10101011) 

16
not equal: i = 0x0f(00001111) ; x = 0xc6(11000110) ; sbox = 0x76(01110110) 

17
not equal: i = 0x10(00010000) ; x = 0x92(10010010) ; sbox = 0xca(11001010) 

18
not equal: i = 0x11(00010001) ; x = 0x8d(10001101) ; sbox = 0x82(10000010) 

19
not equal: i = 0x12(00010010) ; x = 0xac(10101100) ; sbox = 0xc9(11001001) 

20
not equal: i = 0x13(00010011) ; x = 0xb3(10110011) ; sbox = 0x7d(01111101) 

21
not equal: i = 0x14(00010100) ; x = 0xee(11101110) ; sbox = 0xfa(11111010) 

22
not equal: i = 0x15(00010101) ; x = 0xf1(11110001) ; sbox = 0x59(01011001) 

23
not equal: i = 0x16(00010110) ; x = 0xd0(11010000) ; sbox = 0x47(01000111) 

24
not equal: i = 0x17(00010111) ; x = 0xcf(11001111) ; sbox = 0xf0(11110000) 

25
not equal: i = 0x18(00011000) ; x = 0x6a(01101010) ; sbox = 0xad(10101101) 

26
not equal: i = 0x19(00011001) ; x = 0x75(01110101) ; sbox = 0xd4(11010100) 

27
not equal: i = 0x1a(00011010) ; x = 0x54(01010100) ; sbox = 0xa2(10100010) 

28
not equal: i = 0x1b(00011011) ; x = 0x4b(01001011) ; sbox = 0xaf(10101111) 

29
not equal: i = 0x1c(00011100) ; x = 0x16(00010110) ; sbox = 0x9c(10011100) 

30
not equal: i = 0x1d(00011101) ; x = 0x09(00001001) ; sbox = 0xa4(10100100) 

31
not equal: i = 0x1e(00011110) ; x = 0x28(00101000) ; sbox = 0x72(01110010) 

32
not equal: i = 0x1f(00011111) ; x = 0x37(00110111) ; sbox = 0xc0(11000000) 

33
not equal: i = 0x20(00100000) ; x = 0x80(10000000) ; sbox = 0xb7(10110111) 

34
not equal: i = 0x21(00100001) ; x = 0x9f(10011111) ; sbox = 0xfd(11111101) 

35
not equal: i = 0x22(00100010) ; x = 0xbe(10111110) ; sbox = 0x93(10010011) 

36
not equal: i = 0x23(00100011) ; x = 0xa1(10100001) ; sbox = 0x26(00100110) 

37
not equal: i = 0x24(00100100) ; x = 0xfc(11111100) ; sbox = 0x36(00110110) 

38
not equal: i = 0x25(00100101) ; x = 0xe3(11100011) ; sbox = 0x3f(00111111) 

39
not equal: i = 0x26(00100110) ; x = 0xc2(11000010) ; sbox = 0xf7(11110111) 

40
not equal: i = 0x27(00100111) ; x = 0xdd(11011101) ; sbox = 0xcc(11001100) 

41
not equal: i = 0x28(00101000) ; x = 0x78(01111000) ; sbox = 0x34(00110100) 

42
not equal: i = 0x29(00101001) ; x = 0x67(01100111) ; sbox = 0xa5(10100101) 

43
not equal: i = 0x2a(00101010) ; x = 0x46(01000110) ; sbox = 0xe5(11100101) 

44
not equal: i = 0x2b(00101011) ; x = 0x59(01011001) ; sbox = 0xf1(11110001) 

45
not equal: i = 0x2c(00101100) ; x = 0x04(00000100) ; sbox = 0x71(01110001) 

46
not equal: i = 0x2d(00101101) ; x = 0x1b(00011011) ; sbox = 0xd8(11011000) 

47
not equal: i = 0x2e(00101110) ; x = 0x3a(00111010) ; sbox = 0x31(00110001) 

48
not equal: i = 0x2f(00101111) ; x = 0x25(00100101) ; sbox = 0x15(00010101) 

49
not equal: i = 0x30(00110000) ; x = 0x71(01110001) ; sbox = 0x04(00000100) 

50
not equal: i = 0x31(00110001) ; x = 0x6e(01101110) ; sbox = 0xc7(11000111) 

51
not equal: i = 0x32(00110010) ; x = 0x4f(01001111) ; sbox = 0x23(00100011) 

52
not equal: i = 0x33(00110011) ; x = 0x50(01010000) ; sbox = 0xc3(11000011) 

53
not equal: i = 0x34(00110100) ; x = 0x0d(00001101) ; sbox = 0x18(00011000) 

54
not equal: i = 0x35(00110101) ; x = 0x12(00010010) ; sbox = 0x96(10010110) 

55
not equal: i = 0x36(00110110) ; x = 0x33(00110011) ; sbox = 0x05(00000101) 

56
not equal: i = 0x37(00110111) ; x = 0x2c(00101100) ; sbox = 0x9a(10011010) 

57
not equal: i = 0x38(00111000) ; x = 0x89(10001001) ; sbox = 0x07(00000111) 

58
not equal: i = 0x39(00111001) ; x = 0x96(10010110) ; sbox = 0x12(00010010) 

59
not equal: i = 0x3a(00111010) ; x = 0xb7(10110111) ; sbox = 0x80(10000000) 

60
not equal: i = 0x3b(00111011) ; x = 0xa8(10101000) ; sbox = 0xe2(11100010) 

61
not equal: i = 0x3c(00111100) ; x = 0xf5(11110101) ; sbox = 0xeb(11101011) 

62
not equal: i = 0x3d(00111101) ; x = 0xea(11101010) ; sbox = 0x27(00100111) 

63
not equal: i = 0x3e(00111110) ; x = 0xcb(11001011) ; sbox = 0xb2(10110010) 

64
not equal: i = 0x3f(00111111) ; x = 0xd4(11010100) ; sbox = 0x75(01110101) 

65
not equal: i = 0x40(01000000) ; x = 0xa4(10100100) ; sbox = 0x09(00001001) 

66
not equal: i = 0x41(01000001) ; x = 0xbb(10111011) ; sbox = 0x83(10000011) 

67
not equal: i = 0x42(01000010) ; x = 0x9a(10011010) ; sbox = 0x2c(00101100) 

68
not equal: i = 0x43(01000011) ; x = 0x85(10000101) ; sbox = 0x1a(00011010) 

69
not equal: i = 0x44(01000100) ; x = 0xd8(11011000) ; sbox = 0x1b(00011011) 

70
not equal: i = 0x45(01000101) ; x = 0xc7(11000111) ; sbox = 0x6e(01101110) 

71
not equal: i = 0x46(01000110) ; x = 0xe6(11100110) ; sbox = 0x5a(01011010) 

72
not equal: i = 0x47(01000111) ; x = 0xf9(11111001) ; sbox = 0xa0(10100000) 

73
not equal: i = 0x48(01001000) ; x = 0x5c(01011100) ; sbox = 0x52(01010010) 

74
not equal: i = 0x49(01001001) ; x = 0x43(01000011) ; sbox = 0x3b(00111011) 

75
not equal: i = 0x4a(01001010) ; x = 0x62(01100010) ; sbox = 0xd6(11010110) 

76
not equal: i = 0x4b(01001011) ; x = 0x7d(01111101) ; sbox = 0xb3(10110011) 

77
not equal: i = 0x4c(01001100) ; x = 0x20(00100000) ; sbox = 0x29(00101001) 

78
not equal: i = 0x4d(01001101) ; x = 0x3f(00111111) ; sbox = 0xe3(11100011) 

79
not equal: i = 0x4e(01001110) ; x = 0x1e(00011110) ; sbox = 0x2f(00101111) 

80
not equal: i = 0x4f(01001111) ; x = 0x01(00000001) ; sbox = 0x84(10000100) 

81
not equal: i = 0x50(01010000) ; x = 0x55(01010101) ; sbox = 0x53(01010011) 

82
not equal: i = 0x51(01010001) ; x = 0x4a(01001010) ; sbox = 0xd1(11010001) 

83
not equal: i = 0x52(01010010) ; x = 0x6b(01101011) ; sbox = 0x00(00000000) 

84
not equal: i = 0x53(01010011) ; x = 0x74(01110100) ; sbox = 0xed(11101101) 

85
not equal: i = 0x54(01010100) ; x = 0x29(00101001) ; sbox = 0x20(00100000) 

86
not equal: i = 0x55(01010101) ; x = 0x36(00110110) ; sbox = 0xfc(11111100) 

87
not equal: i = 0x56(01010110) ; x = 0x17(00010111) ; sbox = 0xb1(10110001) 

88
not equal: i = 0x57(01010111) ; x = 0x08(00001000) ; sbox = 0x5b(01011011) 

89
not equal: i = 0x58(01011000) ; x = 0xad(10101101) ; sbox = 0x6a(01101010) 

90
not equal: i = 0x59(01011001) ; x = 0xb2(10110010) ; sbox = 0xcb(11001011) 

91
not equal: i = 0x5a(01011010) ; x = 0x93(10010011) ; sbox = 0xbe(10111110) 

92
not equal: i = 0x5b(01011011) ; x = 0x8c(10001100) ; sbox = 0x39(00111001) 

93
not equal: i = 0x5c(01011100) ; x = 0xd1(11010001) ; sbox = 0x4a(01001010) 

94
not equal: i = 0x5d(01011101) ; x = 0xce(11001110) ; sbox = 0x4c(01001100) 

95
not equal: i = 0x5e(01011110) ; x = 0xef(11101111) ; sbox = 0x58(01011000) 

96
not equal: i = 0x5f(01011111) ; x = 0xf0(11110000) ; sbox = 0xcf(11001111) 

97
not equal: i = 0x60(01100000) ; x = 0x47(01000111) ; sbox = 0xd0(11010000) 

98
not equal: i = 0x61(01100001) ; x = 0x58(01011000) ; sbox = 0xef(11101111) 

99
not equal: i = 0x62(01100010) ; x = 0x79(01111001) ; sbox = 0xaa(10101010) 

100
not equal: i = 0x63(01100011) ; x = 0x66(01100110) ; sbox = 0xfb(11111011) 

101
not equal: i = 0x64(01100100) ; x = 0x3b(00111011) ; sbox = 0x43(01000011) 

102
not equal: i = 0x65(01100101) ; x = 0x24(00100100) ; sbox = 0x4d(01001101) 

103
not equal: i = 0x66(01100110) ; x = 0x05(00000101) ; sbox = 0x33(00110011) 

104
not equal: i = 0x67(01100111) ; x = 0x1a(00011010) ; sbox = 0x85(10000101) 

105
not equal: i = 0x68(01101000) ; x = 0xbf(10111111) ; sbox = 0x45(01000101) 

106
not equal: i = 0x69(01101001) ; x = 0xa0(10100000) ; sbox = 0xf9(11111001) 

107
not equal: i = 0x6a(01101010) ; x = 0x81(10000001) ; sbox = 0x02(00000010) 

108
not equal: i = 0x6b(01101011) ; x = 0x9e(10011110) ; sbox = 0x7f(01111111) 

109
not equal: i = 0x6c(01101100) ; x = 0xc3(11000011) ; sbox = 0x50(01010000) 

110
not equal: i = 0x6d(01101101) ; x = 0xdc(11011100) ; sbox = 0x3c(00111100) 

111
not equal: i = 0x6e(01101110) ; x = 0xfd(11111101) ; sbox = 0x9f(10011111) 

112
not equal: i = 0x6f(01101111) ; x = 0xe2(11100010) ; sbox = 0xa8(10101000) 

113
not equal: i = 0x70(01110000) ; x = 0xb6(10110110) ; sbox = 0x51(01010001) 

114
not equal: i = 0x71(01110001) ; x = 0xa9(10101001) ; sbox = 0xa3(10100011) 

115
not equal: i = 0x72(01110010) ; x = 0x88(10001000) ; sbox = 0x40(01000000) 

116
not equal: i = 0x73(01110011) ; x = 0x97(10010111) ; sbox = 0x8f(10001111) 

117
not equal: i = 0x74(01110100) ; x = 0xca(11001010) ; sbox = 0x92(10010010) 

118
not equal: i = 0x75(01110101) ; x = 0xd5(11010101) ; sbox = 0x9d(10011101) 

119
not equal: i = 0x76(01110110) ; x = 0xf4(11110100) ; sbox = 0x38(00111000) 

120
not equal: i = 0x77(01110111) ; x = 0xeb(11101011) ; sbox = 0xf5(11110101) 

121
not equal: i = 0x78(01111000) ; x = 0x4e(01001110) ; sbox = 0xbc(10111100) 

122
not equal: i = 0x79(01111001) ; x = 0x51(01010001) ; sbox = 0xb6(10110110) 

123
not equal: i = 0x7a(01111010) ; x = 0x70(01110000) ; sbox = 0xda(11011010) 

124
not equal: i = 0x7b(01111011) ; x = 0x6f(01101111) ; sbox = 0x21(00100001) 

125
not equal: i = 0x7c(01111100) ; x = 0x32(00110010) ; sbox = 0x10(00010000) 

126
not equal: i = 0x7d(01111101) ; x = 0x2d(00101101) ; sbox = 0xff(11111111) 

127
not equal: i = 0x7e(01111110) ; x = 0x0c(00001100) ; sbox = 0xf3(11110011) 

128
not equal: i = 0x7f(01111111) ; x = 0x13(00010011) ; sbox = 0xd2(11010010) 

129
not equal: i = 0x80(10000000) ; x = 0xec(11101100) ; sbox = 0xcd(11001101) 

130
not equal: i = 0x81(10000001) ; x = 0xf3(11110011) ; sbox = 0x0c(00001100) 

131
not equal: i = 0x82(10000010) ; x = 0xd2(11010010) ; sbox = 0x13(00010011) 

132
not equal: i = 0x83(10000011) ; x = 0xcd(11001101) ; sbox = 0xec(11101100) 

133
not equal: i = 0x84(10000100) ; x = 0x90(10010000) ; sbox = 0x5f(01011111) 

134
not equal: i = 0x85(10000101) ; x = 0x8f(10001111) ; sbox = 0x97(10010111) 

135
not equal: i = 0x86(10000110) ; x = 0xae(10101110) ; sbox = 0x44(01000100) 

136
not equal: i = 0x87(10000111) ; x = 0xb1(10110001) ; sbox = 0x17(00010111) 

137
not equal: i = 0x88(10001000) ; x = 0x14(00010100) ; sbox = 0xc4(11000100) 

138
not equal: i = 0x89(10001001) ; x = 0x0b(00001011) ; sbox = 0xa7(10100111) 

139
not equal: i = 0x8a(10001010) ; x = 0x2a(00101010) ; sbox = 0x7e(01111110) 

140
not equal: i = 0x8b(10001011) ; x = 0x35(00110101) ; sbox = 0x3d(00111101) 

141
not equal: i = 0x8c(10001100) ; x = 0x68(01101000) ; sbox = 0x64(01100100) 

142
not equal: i = 0x8d(10001101) ; x = 0x77(01110111) ; sbox = 0x5d(01011101) 

143
not equal: i = 0x8e(10001110) ; x = 0x56(01010110) ; sbox = 0x19(00011001) 

144
not equal: i = 0x8f(10001111) ; x = 0x49(01001001) ; sbox = 0x73(01110011) 

145
not equal: i = 0x90(10010000) ; x = 0x1d(00011101) ; sbox = 0x60(01100000) 

146
not equal: i = 0x91(10010001) ; x = 0x02(00000010) ; sbox = 0x81(10000001) 

147
not equal: i = 0x92(10010010) ; x = 0x23(00100011) ; sbox = 0x4f(01001111) 

148
not equal: i = 0x93(10010011) ; x = 0x3c(00111100) ; sbox = 0xdc(11011100) 

149
not equal: i = 0x94(10010100) ; x = 0x61(01100001) ; sbox = 0x22(00100010) 

150
not equal: i = 0x95(10010101) ; x = 0x7e(01111110) ; sbox = 0x2a(00101010) 

151
not equal: i = 0x96(10010110) ; x = 0x5f(01011111) ; sbox = 0x90(10010000) 

152
not equal: i = 0x97(10010111) ; x = 0x40(01000000) ; sbox = 0x88(10001000) 

153
not equal: i = 0x98(10011000) ; x = 0xe5(11100101) ; sbox = 0x46(01000110) 

154
not equal: i = 0x99(10011001) ; x = 0xfa(11111010) ; sbox = 0xee(11101110) 

155
not equal: i = 0x9a(10011010) ; x = 0xdb(11011011) ; sbox = 0xb8(10111000) 

156
not equal: i = 0x9b(10011011) ; x = 0xc4(11000100) ; sbox = 0x14(00010100) 

157
not equal: i = 0x9c(10011100) ; x = 0x99(10011001) ; sbox = 0xde(11011110) 

158
not equal: i = 0x9d(10011101) ; x = 0x86(10000110) ; sbox = 0x5e(01011110) 

159
not equal: i = 0x9e(10011110) ; x = 0xa7(10100111) ; sbox = 0x0b(00001011) 

160
not equal: i = 0x9f(10011111) ; x = 0xb8(10111000) ; sbox = 0xdb(11011011) 

161
not equal: i = 0xa0(10100000) ; x = 0x0f(00001111) ; sbox = 0xe0(11100000) 

162
not equal: i = 0xa1(10100001) ; x = 0x10(00010000) ; sbox = 0x32(00110010) 

163
not equal: i = 0xa2(10100010) ; x = 0x31(00110001) ; sbox = 0x3a(00111010) 

164
not equal: i = 0xa3(10100011) ; x = 0x2e(00101110) ; sbox = 0x0a(00001010) 

165
not equal: i = 0xa4(10100100) ; x = 0x73(01110011) ; sbox = 0x49(01001001) 

166
not equal: i = 0xa5(10100101) ; x = 0x6c(01101100) ; sbox = 0x06(00000110) 

167
not equal: i = 0xa6(10100110) ; x = 0x4d(01001101) ; sbox = 0x24(00100100) 

168
not equal: i = 0xa7(10100111) ; x = 0x52(01010010) ; sbox = 0x5c(01011100) 

169
not equal: i = 0xa8(10101000) ; x = 0xf7(11110111) ; sbox = 0xc2(11000010) 

170
not equal: i = 0xa9(10101001) ; x = 0xe8(11101000) ; sbox = 0xd3(11010011) 

171
not equal: i = 0xaa(10101010) ; x = 0xc9(11001001) ; sbox = 0xac(10101100) 

172
not equal: i = 0xab(10101011) ; x = 0xd6(11010110) ; sbox = 0x62(01100010) 

173
not equal: i = 0xac(10101100) ; x = 0x8b(10001011) ; sbox = 0x91(10010001) 

174
not equal: i = 0xad(10101101) ; x = 0x94(10010100) ; sbox = 0x95(10010101) 

175
not equal: i = 0xae(10101110) ; x = 0xb5(10110101) ; sbox = 0xe4(11100100) 

176
not equal: i = 0xaf(10101111) ; x = 0xaa(10101010) ; sbox = 0x79(01111001) 

177
not equal: i = 0xb0(10110000) ; x = 0xfe(11111110) ; sbox = 0xe7(11100111) 

178
not equal: i = 0xb1(10110001) ; x = 0xe1(11100001) ; sbox = 0xc8(11001000) 

179
not equal: i = 0xb2(10110010) ; x = 0xc0(11000000) ; sbox = 0x37(00110111) 

180
not equal: i = 0xb3(10110011) ; x = 0xdf(11011111) ; sbox = 0x6d(01101101) 

181
not equal: i = 0xb4(10110100) ; x = 0x82(10000010) ; sbox = 0x8d(10001101) 

182
not equal: i = 0xb5(10110101) ; x = 0x9d(10011101) ; sbox = 0xd5(11010101) 

183
not equal: i = 0xb6(10110110) ; x = 0xbc(10111100) ; sbox = 0x4e(01001110) 

184
not equal: i = 0xb7(10110111) ; x = 0xa3(10100011) ; sbox = 0xa9(10101001) 

185
not equal: i = 0xb8(10111000) ; x = 0x06(00000110) ; sbox = 0x6c(01101100) 

186
not equal: i = 0xb9(10111001) ; x = 0x19(00011001) ; sbox = 0x56(01010110) 

187
not equal: i = 0xba(10111010) ; x = 0x38(00111000) ; sbox = 0xf4(11110100) 

188
not equal: i = 0xbb(10111011) ; x = 0x27(00100111) ; sbox = 0xea(11101010) 

189
not equal: i = 0xbc(10111100) ; x = 0x7a(01111010) ; sbox = 0x65(01100101) 

190
not equal: i = 0xbd(10111101) ; x = 0x65(01100101) ; sbox = 0x7a(01111010) 

191
not equal: i = 0xbe(10111110) ; x = 0x44(01000100) ; sbox = 0xae(10101110) 

192
not equal: i = 0xbf(10111111) ; x = 0x5b(01011011) ; sbox = 0x08(00001000) 

193
not equal: i = 0xc0(11000000) ; x = 0x2b(00101011) ; sbox = 0xba(10111010) 

194
not equal: i = 0xc1(11000001) ; x = 0x34(00110100) ; sbox = 0x78(01111000) 

195
not equal: i = 0xc2(11000010) ; x = 0x15(00010101) ; sbox = 0x25(00100101) 

196
not equal: i = 0xc3(11000011) ; x = 0x0a(00001010) ; sbox = 0x2e(00101110) 

197
not equal: i = 0xc4(11000100) ; x = 0x57(01010111) ; sbox = 0x1c(00011100) 

198
not equal: i = 0xc5(11000101) ; x = 0x48(01001000) ; sbox = 0xa6(10100110) 

199
not equal: i = 0xc6(11000110) ; x = 0x69(01101001) ; sbox = 0xb4(10110100) 

200
not equal: i = 0xc7(11000111) ; x = 0x76(01110110) ; sbox = 0xc6(11000110) 

201
not equal: i = 0xc8(11001000) ; x = 0xd3(11010011) ; sbox = 0xe8(11101000) 

202
not equal: i = 0xc9(11001001) ; x = 0xcc(11001100) ; sbox = 0xdd(11011101) 

203
not equal: i = 0xca(11001010) ; x = 0xed(11101101) ; sbox = 0x74(01110100) 

204
not equal: i = 0xcb(11001011) ; x = 0xf2(11110010) ; sbox = 0x1f(00011111) 

205
not equal: i = 0xcc(11001100) ; x = 0xaf(10101111) ; sbox = 0x4b(01001011) 

206
not equal: i = 0xcd(11001101) ; x = 0xb0(10110000) ; sbox = 0xbd(10111101) 

207
not equal: i = 0xce(11001110) ; x = 0x91(10010001) ; sbox = 0x8b(10001011) 

208
not equal: i = 0xcf(11001111) ; x = 0x8e(10001110) ; sbox = 0x8a(10001010) 

209
not equal: i = 0xd0(11010000) ; x = 0xda(11011010) ; sbox = 0x70(01110000) 

210
not equal: i = 0xd1(11010001) ; x = 0xc5(11000101) ; sbox = 0x3e(00111110) 

211
not equal: i = 0xd2(11010010) ; x = 0xe4(11100100) ; sbox = 0xb5(10110101) 

212
not equal: i = 0xd3(11010011) ; x = 0xfb(11111011) ; sbox = 0x66(01100110) 

213
not equal: i = 0xd4(11010100) ; x = 0xa6(10100110) ; sbox = 0x48(01001000) 

214
not equal: i = 0xd5(11010101) ; x = 0xb9(10111001) ; sbox = 0x03(00000011) 

215
not equal: i = 0xd6(11010110) ; x = 0x98(10011000) ; sbox = 0xf6(11110110) 

216
not equal: i = 0xd7(11010111) ; x = 0x87(10000111) ; sbox = 0x0e(00001110) 

217
not equal: i = 0xd8(11011000) ; x = 0x22(00100010) ; sbox = 0x61(01100001) 

218
not equal: i = 0xd9(11011001) ; x = 0x3d(00111101) ; sbox = 0x35(00110101) 

219
not equal: i = 0xda(11011010) ; x = 0x1c(00011100) ; sbox = 0x57(01010111) 

220
not equal: i = 0xdb(11011011) ; x = 0x03(00000011) ; sbox = 0xb9(10111001) 

221
not equal: i = 0xdc(11011100) ; x = 0x5e(01011110) ; sbox = 0x86(10000110) 

222
not equal: i = 0xdd(11011101) ; x = 0x41(01000001) ; sbox = 0xc1(11000001) 

223
not equal: i = 0xde(11011110) ; x = 0x60(01100000) ; sbox = 0x1d(00011101) 

224
not equal: i = 0xdf(11011111) ; x = 0x7f(01111111) ; sbox = 0x9e(10011110) 

225
not equal: i = 0xe0(11100000) ; x = 0xc8(11001000) ; sbox = 0xe1(11100001) 

226
not equal: i = 0xe1(11100001) ; x = 0xd7(11010111) ; sbox = 0xf8(11111000) 

227
not equal: i = 0xe2(11100010) ; x = 0xf6(11110110) ; sbox = 0x98(10011000) 

228
not equal: i = 0xe3(11100011) ; x = 0xe9(11101001) ; sbox = 0x11(00010001) 

229
not equal: i = 0xe4(11100100) ; x = 0xb4(10110100) ; sbox = 0x69(01101001) 

230
not equal: i = 0xe5(11100101) ; x = 0xab(10101011) ; sbox = 0xd9(11011001) 

231
not equal: i = 0xe6(11100110) ; x = 0x8a(10001010) ; sbox = 0x8e(10001110) 

232
not equal: i = 0xe7(11100111) ; x = 0x95(10010101) ; sbox = 0x94(10010100) 

233
not equal: i = 0xe8(11101000) ; x = 0x30(00110000) ; sbox = 0x9b(10011011) 

234
not equal: i = 0xe9(11101001) ; x = 0x2f(00101111) ; sbox = 0x1e(00011110) 

235
not equal: i = 0xea(11101010) ; x = 0x0e(00001110) ; sbox = 0x87(10000111) 

236
not equal: i = 0xeb(11101011) ; x = 0x11(00010001) ; sbox = 0xe9(11101001) 

237
not equal: i = 0xec(11101100) ; x = 0x4c(01001100) ; sbox = 0xce(11001110) 

238
not equal: i = 0xed(11101101) ; x = 0x53(01010011) ; sbox = 0x55(01010101) 

239
not equal: i = 0xee(11101110) ; x = 0x72(01110010) ; sbox = 0x28(00101000) 

240
not equal: i = 0xef(11101111) ; x = 0x6d(01101101) ; sbox = 0xdf(11011111) 

241
not equal: i = 0xf0(11110000) ; x = 0x39(00111001) ; sbox = 0x8c(10001100) 

242
not equal: i = 0xf1(11110001) ; x = 0x26(00100110) ; sbox = 0xa1(10100001) 

243
not equal: i = 0xf2(11110010) ; x = 0x07(00000111) ; sbox = 0x89(10001001) 

244
not equal: i = 0xf3(11110011) ; x = 0x18(00011000) ; sbox = 0x0d(00001101) 

245
not equal: i = 0xf4(11110100) ; x = 0x45(01000101) ; sbox = 0xbf(10111111) 

246
not equal: i = 0xf5(11110101) ; x = 0x5a(01011010) ; sbox = 0xe6(11100110) 

247
not equal: i = 0xf6(11110110) ; x = 0x7b(01111011) ; sbox = 0x42(01000010) 

248
not equal: i = 0xf7(11110111) ; x = 0x64(01100100) ; sbox = 0x68(01101000) 

249
not equal: i = 0xf8(11111000) ; x = 0xc1(11000001) ; sbox = 0x41(01000001) 

250
not equal: i = 0xf9(11111001) ; x = 0xde(11011110) ; sbox = 0x99(10011001) 

251
not equal: i = 0xfa(11111010) ; x = 0xff(11111111) ; sbox = 0x2d(00101101) 

252
not equal: i = 0xfb(11111011) ; x = 0xe0(11100000) ; sbox = 0x0f(00001111) 

253
not equal: i = 0xfc(11111100) ; x = 0xbd(10111101) ; sbox = 0xb0(10110000) 

254
not equal: i = 0xfd(11111101) ; x = 0xa2(10100010) ; sbox = 0x54(01010100) 

255
not equal: i = 0xfe(11111110) ; x = 0x83(10000011) ; sbox = 0xbb(10111011) 

256
not equal: i = 0xff(11111111) ; x = 0x9c(10011100) ; sbox = 0xbb(10111011)


Kann mir vielleicht jemand einen Hinweis geben was da jetzt der Fehler 
ist?
Ich verzweifle dran.

Vielen Herzlichen Dank
Gruß Leo

  


  




  

    Beitrag melden Bearbeiten Thread verschieben Thread sperren Anmeldepflicht aktivieren Anpinnen Thread löschen Thread mit anderem zusammenführen Markierten Text zitieren Antwort Antwort mit Zitat
  







      

      



  

    Re: AES: wie wird die S-Box berechnet?
  


  

    

      von
      
        (prx) A. K.
        (prx)
        
      
      


      
    


    

      
    

    

    

  
  


  

  Lesenswert?
  

  
  
    
  

    
  		
  

  


  

      
Das "multiplicative inverse" von i ist i?

  


  




  

    Beitrag melden Bearbeiten Löschen Markierten Text zitieren Antwort Antwort mit Zitat
  







      

      



  

    Re: AES: wie wird die S-Box berechnet?
  


  

    

      von
      
        Leo B.
        (luigi)
        
      
      


      
    


    

      
    

    

    

  
  


  

  Lesenswert?
  

  
  
    
  

    
  		
  

  


  

      
A. K. schrieb:
> Das "multiplicative inverse" von i ist i?

Nein, ich dachte man muss x und s mit dem "multiplicative inverse" des 
Ergebnisses setzten. Wie würde man das sonst errechnen?

  


  




  

    Beitrag melden Bearbeiten Löschen Markierten Text zitieren Antwort Antwort mit Zitat
  







      

      



  

    Re: AES: wie wird die S-Box berechnet?
  


  

    

      von
      
        (prx) A. K.
        (prx)
        
      
      


      
    


    

      
    

    

    

  
  


  

  Lesenswert?
  

  
  
    
  

    
  		
  

  


  

      
Leo B. schrieb:
> Nein, ich dachte man muss x und s mit dem "multiplicative inverse" des
> Ergebnisses setzten.

Bei "Store the multiplicative inverse of the input number in two 8-bit 
unsigned temporary variables: s and x."? Interessante Interpretation.

> Wie würde man das sonst errechnen?

Du könntest nachschlagen, was das bedeutet. Bei gewöhnlicher Arithmetik 
wärs der Kehrwert, das schon mal als kleine Hilfe (à la Jauch ;-).

  


  



  

  
:
    Bearbeitet durch User
  

  


  

    Beitrag melden Bearbeiten Löschen Markierten Text zitieren Antwort Antwort mit Zitat
  







      

      



  

    Re: AES: wie wird die S-Box berechnet?
  


  

    

      von
      
        Detlef K.
        (adenin)
        
      
      


      
    


    

      
    

    

    

  
  


  

  Lesenswert?
  

  
  
    
  

    
  		
  

  


  

      
Das ist aber keine gewöhnliche Arithmetik.
Das ist ungewöhnlich grausame Arithmetik. :)
Schau mal http://www.cs.utsa.edu/~wagner/laws/FFM.html ganz unten.

  


  




  

    Beitrag melden Bearbeiten Löschen Markierten Text zitieren Antwort Antwort mit Zitat
  







      

      



  

    Re: AES: wie wird die S-Box berechnet?
  


  

    

      von
      
        Johannes O.
        (jojo_2)
        
      
      


      
    


    

      
    

    

    

  
  


  

  Lesenswert?
  

  
  
    
  

    
  		
  

  


  

      
Die Berechnung erfolg auf einem Finiten Feld. Genauer gesagt: GF(256) 
oder auch GF(2^8) genannt. Außerdem wird auch auf GF(2) gerechnet.

Damit du eine Chance hast zu verstehen was da passiert, musst du zuerst 
verstehen, wie man auf diesen Feldern rechnet und was diese 
Bezeichnungen hier bedeuten.

Entweder du findest selbst etwas dazu oder du schaust es dir hier an, um 
nen groben Überblick zu bekommen: (FIPS-197), Kapitel 4
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf


Die Berechnung der SBox selbst besteht aus zwei Teilen: Einer affinen 
Transformation auf GF(2) (stark vereinfach gesagt: einen Wert mit einer 
Konstante multiplizieren und dann eine Konstante addieren. Das ganze 
passiert Bitweise), und dem Berechnen des multiplikativen Inversen (das 
passiert auf GF(256)).

Das Inverse wird wie schon geschrieben auf GF(256) berechnet. D.h., dass 
AUF DEM FINITEN FELD gelten muss, dass deine Zahl multipliziert mit 
seinem Inversen, 1 ergeben muss.

Fürs Berechnen des Inversen gibts mehrere Möglichkeiten. Wie diese 
funktionieren ist relativ schwierig zu erklären und das kann man erst 
verstehen, sofern man die Grundlagen der Mathematik dahinter sehr gut 
verstanden hat.
Eine Möglichkeit ist, dass man das Problem mithilfe von Logarithmen 
löst. Da verwendet man einen Generator des GF(256), z.B. 0x03 wäre 
einer, und macht eine Art Brute-Force suche des Inversen, wobei man 
immer nur mit 0x03 multiplizieren muss, was recht schnell geht. Das 
führt an dieser Stelle aber zu weit, das würde erstmal verwirren.


Detlef Kunz schrieb:
> che Arithmetik.
> Das ist ungewöhnlich grausame Arithmetik. :)
> Schau mal http://www.cs.utsa.edu/~wagner/laws/FFM.html ganz unten.

Hier ist diese Methode ja auch genauer beschrieben, sollte auch 
verständlich sein.
Als grausam würd ich das nicht bezeichnen, ich finde sowas ehrlich 
gesagt sogar ziemlich schön! :-) Früher kams bei mal in Höherer 
Mathematik dran, aber das haben sie dann leider wieder gestrichen...

  


  




  

    Beitrag melden Bearbeiten Löschen Markierten Text zitieren Antwort Antwort mit Zitat
  








    

    

       Thread beobachten

      |
         Seitenaufteilung abschalten

    

        


Bitte melde dich an um einen Beitrag zu schreiben. Anmeldung ist kostenlos und dauert nur eine Minute.



  Bestehender Account

  


  
  

  
    

      

        
          
        
        
          
        
      

      

        
          
        
        
          
        
      

    


    
    
    





  Schon ein Account bei Google/GoogleMail? Keine Anmeldung erforderlich!

  Mit Google-Account einloggen
  





  Noch kein Account? Hier anmelden.